<!DOCTYPE html>

<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>
    <meta name="author" content="Fraunhofer FKIE"/>
    <meta name="description" content="Malpedia is a free service offered by Fraunhofer FKIE. Administration is lead by Daniel Plohmann and Steffen Enders."/>
    

    <title>Malpedia (Fraunhofer FKIE)</title>

    <link href="/static/malpediasite/css/bootstrap.min.css" rel="stylesheet">
    <link href="/static/malpediasite/css/site-0.0.1.css" rel="stylesheet">
    <link href="/static/malpediasite/css/navbar.css" rel="stylesheet">
    <link href="/static/malpediasite/font-awesome-5.7.0/css/all.min.css" rel="stylesheet">

    <link rel="apple-touch-icon" sizes="57x57" href="/static/malpediasite/icon/apple-touch-icon-57x57.png">
    <link rel="apple-touch-icon" sizes="60x60" href="/static/malpediasite/icon/apple-touch-icon-60x60.png">
    <link rel="apple-touch-icon" sizes="72x72" href="/static/malpediasite/icon/apple-touch-icon-72x72.png">
    <link rel="apple-touch-icon" sizes="76x76" href="/static/malpediasite/icon/apple-touch-icon-76x76.png">
    <link rel="apple-touch-icon" sizes="114x114" href="/static/malpediasite/icon/apple-touch-icon-114x114.png">
    <link rel="apple-touch-icon" sizes="120x120" href="/static/malpediasite/icon/apple-touch-icon-120x120.png">
    <link rel="apple-touch-icon" sizes="144x144" href="/static/malpediasite/icon/apple-touch-icon-144x144.png">
    <link rel="apple-touch-icon" sizes="152x152" href="/static/malpediasite/icon/apple-touch-icon-152x152.png">
    <link rel="apple-touch-icon" sizes="180x180" href="/static/malpediasite/icon/apple-touch-icon-180x180.png">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-36x36.png" sizes="36x36">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-48x48.png" sizes="48x48">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-72x72.png" sizes="72x72">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-96x96.png" sizes="96x96">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-144x144.png" %}" sizes="144x144">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/android-chrome-192x192.png" sizes="192x192">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/favicon-16x16.png" sizes="16x16">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/favicon-32x32.png" sizes="32x32">
    <link rel="icon" type="image/png" href="/static/malpediasite/icon/favicon-96x96.png" sizes="96x96">
    <link rel="shortcut icon" type="image/x-icon" href="/static/malpediasite/icon/favicon.ico">
    <meta name="msapplication-TileImage" content="/static/malpediasite/icon/mstile-150x150.png">
    <meta name="msapplication-square70x70logo" content="/static/malpediasite/icon/mstile-70x70.png">
    <meta name="msapplication-square150x150logo" content="/static/malpediasite/icon/mstile-150x150.png">
    <meta name="msapplication-wide310x150logo" content="/static/malpediasite/icon/mstile-310x150.png">
    <meta name="msapplication-square310x310logo" content="/static/malpediasite/icon/mstile-310x310.png">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-320x460.png" media="(device-width: 320px) and (device-height: 480px) and (-webkit-device-pixel-ratio: 1)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-640x920.png" media="(device-width: 320px) and (device-height: 480px) and (-webkit-device-pixel-ratio: 2)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-640x1096.png" media="(device-width: 320px) and (device-height: 568px) and (-webkit-device-pixel-ratio: 2)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-748x1024.png" media="(device-width: 768px) and (device-height: 1024px) and (-webkit-device-pixel-ratio: 1) and (orientation: landscape)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-750x1024.png" media="" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-750x1294.png" media="(device-width: 375px) and (device-height: 667px) and (-webkit-device-pixel-ratio: 2)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-768x1004.png" media="(device-width: 768px) and (device-height: 1024px) and (-webkit-device-pixel-ratio: 1) and (orientation: portrait)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-1182x2208.png" media="(device-width: 414px) and (device-height: 736px) and (-webkit-device-pixel-ratio: 3) and (orientation: landscape)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-1242x2148.png" media="(device-width: 414px) and (device-height: 736px) and (-webkit-device-pixel-ratio: 3) and (orientation: portrait)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-1496x2048.png" media="(device-width: 768px) and (device-height: 1024px) and (-webkit-device-pixel-ratio: 2) and (orientation: landscape)" rel="apple-touch-startup-image">
    <link href="/static/malpediasite/icon/apple-touch-startup-image-1536x2008.png" media="(device-width: 768px) and (device-height: 1024px) and (-webkit-device-pixel-ratio: 2) and (orientation: portrait)" rel="apple-touch-startup-image">
    
<link href="/static/malpediasite/css/clickable-row.css" rel="stylesheet">
<meta name="google-site-verification" content="3L6KzGESbdAnhVz7rh_8D4lLnGIYHAdNeX-LV4h9Adg" />

  </head>

  <body>
  <div class="container"><noscript>Please enable JavaScript to use all features of this site. </noscript><nav class="navbar navbar-toggleable-md navbar-light bg-faded clearfix"><button class="navbar-toggler navbar-toggler-right" type="button" data-toggle="collapse" data-target="#navbar_toggle" aria-controls="navbar_toggle" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button><a class="navbar-brand float-left hidden-md-down" href="/"><img src="/static/malpediasite/logo.png"></a><a class="navbar-brand-small float-left hidden-lg-up" href="/"><img src="/static/malpediasite/logo.png"></a><div class="collapse navbar-collapse mt-lg-auto ml-lg-auto" id="navbar_toggle"><hr class="hidden-lg-up" /><ul class="navbar-nav ml-lg-auto"><li class="nav-item "><a class="nav-link" href="/library">Inventory</a></li><!----><li class="nav-item "><a class="nav-link" href="/stats/general">Statistics</a></li><li class="nav-item "><a class="nav-link" href="/usage/tos">Usage</a></li><li class="nav-item"><a class="nav-link" href="/apiqr/">ApiVector</a></li><li class="nav-item"><a class="nav-link" href="/login">Login</a></li></ul></div><a class="right-logo hidden-md-down" href="https://www.fkie.fraunhofer.de/"><img src="/static/malpediasite/fkie_190x52.gif"></a></nav><div class="row"><div class="col-lg-12"><div class="ajax-message"></div></div></div><div class="row"><div class="col-xl-12"><input autofocus type="text" class="form-control search" id="quicksearch" placeholder="Quicksearch...", data-url="/backend/quicksearch"><small id="quicksearch_text" class="form-text text-muted"></small><table id="quicksearch_result" class="table table-dark table-sm" style="margin-bottom:7.5px"><thead style="display:none;"><tr class="clickable-row" data-href="DEST_URL"><td>SYMBOL</td><!-- <td>NAME</td> --><td style="white-space: nowrap;">COMMON_NAME</td><td style="width=100%"><small><span>aka. </span>SYNONYMS</small></td></tr></thead><tbody></tbody></table></div><div class="col-lg-12"><div class="card"><div class="card-block"><h1 class="card-title">Hi!</h1><p>
                    Malpedia is a free service offered by <a href="https://www.fkie.fraunhofer.de/" target="_blank">Fraunhofer FKIE</a>.<br />
                    Administration is lead by Daniel Plohmann and Steffen Enders.
                </p><p><h4>Mission Statement</h4>
                    The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.
                </p><p>
                    Please respect the <a href="/usage/tos">Terms of Service</a>.<br /><br />

                    Also, please be aware that not all content on Malpedia is publicly available. <br />
                    More specifically, you will need an account to access all data (malware samples, non-public YARA rules, ...). <br /><b>In this regard, Malpedia is operated as an invite-only trust group.</b></p><p>
                    For feature requests and feedback discussions, see our <a href="https://github.com/malpedia/feedback/issues">public issue tracker on GitHub</a>.
                </p></div></div><h3>Inventory Updates</h3><div class="card" style="margin-bottom:10px"><div class="card-block" style="padding-top:5px;padding-bottom:0px;"><h4 class="card-title" style="margin-bottom:5px;">23 Dec 2021
            
            <span class="card-subtitle mb-2 text-muted"><small>10:31:47</small></span><span class="fa-pull-right"><small><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="3 new familie(s) were added"><i class="fa fa-bug" aria-hidden="true"></i>
                        3
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="7 new sample(s) were uploaded"><i class="fa fa-star" aria-hidden="true"></i>
                        7
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="context information for 5 familie(s) was added or updated"><i class="fa fa-id-card" aria-hidden="true"></i>
                        5
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="1 yara rules were added or updated"><i class="fa fa-tag" aria-hidden="true"></i>
                        1
                    </span><a class="badge badge-default collapsed" data-toggle="collapse" data-target="#0eb7f6d521d55360a351a470616b495e922db446details" style="color:white"><span class="visible-when-collapsed" data-toggle="tooltip" data-placement="top" title="Show More Details"><i class="fa fa-plus" aria-hidden="true"></i></span><span class="visible-when-not-collapsed" data-toggle="tooltip" data-placement="top" title="Show Less Details"><i class="fa fa-minus" aria-hidden="true"></i></span></a></small></span></h4><div class="changelog-details collapse" id="0eb7f6d521d55360a351a470616b495e922db446details"><table class="table table-sm table-dark"><tr class="clickable-row" data-href="/details/js.darkwatchman"><td>js.darkwatchman</td><td><li>This family was newly added to Malpedia.</li></td></tr><tr class="clickable-row" data-href="/details/win.ave_maria"><td>win.ave_maria</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.blister"><td>win.blister</td><td><li>This family was newly added to Malpedia.</li></td></tr><tr class="clickable-row" data-href="/details/win.chinoxy"><td>win.chinoxy</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.crimson"><td>win.crimson</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.funny_dream"><td>win.funny_dream</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.pseudo_manuscrypt"><td>win.pseudo_manuscrypt</td><td><li>This family was newly added to Malpedia.</li></td></tr><tr class="clickable-row" data-href="/details/win.shadowpad"><td>win.shadowpad</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.stop"><td>win.stop</td><td><li>This family was updated.</li></td></tr></table></div></div></div><div class="card" style="margin-bottom:10px"><div class="card-block" style="padding-top:5px;padding-bottom:0px;"><h4 class="card-title" style="margin-bottom:5px;">22 Dec 2021
            
            <span class="card-subtitle mb-2 text-muted"><small>16:05:53</small></span><span class="fa-pull-right"><small><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="2 new familie(s) were added"><i class="fa fa-bug" aria-hidden="true"></i>
                        2
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="9 new sample(s) were uploaded"><i class="fa fa-star" aria-hidden="true"></i>
                        9
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="context information for 12 familie(s) was added or updated"><i class="fa fa-id-card" aria-hidden="true"></i>
                        12
                    </span><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="1 yara rules were added or updated"><i class="fa fa-tag" aria-hidden="true"></i>
                        1
                    </span><a class="badge badge-default collapsed" data-toggle="collapse" data-target="#435eee0adaef5af50781f15a606fb5e37a5e3d52details" style="color:white"><span class="visible-when-collapsed" data-toggle="tooltip" data-placement="top" title="Show More Details"><i class="fa fa-plus" aria-hidden="true"></i></span><span class="visible-when-not-collapsed" data-toggle="tooltip" data-placement="top" title="Show Less Details"><i class="fa fa-minus" aria-hidden="true"></i></span></a></small></span></h4><div class="changelog-details collapse" id="435eee0adaef5af50781f15a606fb5e37a5e3d52details"><table class="table table-sm table-dark"><tr class="clickable-row" data-href="/details/elf.hive"><td>elf.hive</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.bazarbackdoor"><td>win.bazarbackdoor</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.bit_rat"><td>win.bit_rat</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.chaperone"><td>win.chaperone</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.conti"><td>win.conti</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.darkloader"><td>win.darkloader</td><td><li>This family was newly added to Malpedia.</li></td></tr><tr class="clickable-row" data-href="/details/win.diavol"><td>win.diavol</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.doppeldridex"><td>win.doppeldridex</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.dridex"><td>win.dridex</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.hive"><td>win.hive</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.lockbit"><td>win.lockbit</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.mercurialgrabber"><td>win.mercurialgrabber</td><td><li>This family was newly added to Malpedia.</li></td></tr><tr class="clickable-row" data-href="/details/win.quantloader"><td>win.quantloader</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.remcos"><td>win.remcos</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.zstealer"><td>win.zstealer</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/yara"><td>yara</td><td><li>This family was updated.</li></td></tr></table></div></div></div><div class="card" style="margin-bottom:10px"><div class="card-block" style="padding-top:5px;padding-bottom:0px;"><h4 class="card-title" style="margin-bottom:5px;">21 Dec 2021
            
            <span class="card-subtitle mb-2 text-muted"><small>09:10:12</small></span><span class="fa-pull-right"><small><span class="badge badge-default" data-toggle="tooltip" data-placement="top" title="context information for 4 familie(s) was added or updated"><i class="fa fa-id-card" aria-hidden="true"></i>
                        4
                    </span><a class="badge badge-default collapsed" data-toggle="collapse" data-target="#3dd1c7a9168c5607d1cd5e0d3e304b64b5deddb0details" style="color:white"><span class="visible-when-collapsed" data-toggle="tooltip" data-placement="top" title="Show More Details"><i class="fa fa-plus" aria-hidden="true"></i></span><span class="visible-when-not-collapsed" data-toggle="tooltip" data-placement="top" title="Show Less Details"><i class="fa fa-minus" aria-hidden="true"></i></span></a></small></span></h4><div class="changelog-details collapse" id="3dd1c7a9168c5607d1cd5e0d3e304b64b5deddb0details"><table class="table table-sm table-dark"><tr class="clickable-row" data-href="/details/win.doppeldridex"><td>win.doppeldridex</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.lockbit"><td>win.lockbit</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.meterpreter"><td>win.meterpreter</td><td><li>This family was updated.</li></td></tr><tr class="clickable-row" data-href="/details/win.stealbit"><td>win.stealbit</td><td><li>This family was updated.</li></td></tr></table></div></div></div><hr><form class="send_feedback" action="/backend/send_feedback" style="margin-bottom:15px"><input type='hidden' name='csrfmiddlewaretoken' value='633jjbX23q7YqMCkOLsZ8RlTQhyfuE1LaGHuDG7tb6fNPA1gDlERMx6A1u8F1cVq' /><div class="form-group"><label for="feedback">Feedback</label><textarea required class="form-control" id="feedback" name="feedback" rows="3"></textarea></div><script src='https://www.google.com/recaptcha/api.js' async defer></script><div class='g-recaptcha d-none' style='margin-bottom:15px;' data-sitekey='6LfK8IMUAAAAAFbpwlbTjM7r4tsATWd_oMPDxFCW' data-callback='recaptchaCallback'></div><input type="submit" class="btn btn-logo-red" value="Send"></form></div></div></div><footer class="footer bg-faded"><div class="container"><div class="col-xs-12"><a class="logo-red" href="/impressum">Impressum</a>
            &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
            <a class="logo-red" href="/datenschutzerklaerung">Datenschutzerkl&auml;rung</a></div></div></footer><script src="/static/malpediasite/js/jquery-3.5.1.min.js"></script><script src="/static/malpediasite/js/tether.min.js"></script><script src="/static/malpediasite/js/bootstrap.min.js"></script><script src="/static/malpediasite/js/clickable-row-0.0.3.js"></script><script src="/static/malpediasite/js/quicksearch-0.0.5.js"></script><script src="/static/malpediasite/js/ajax-0.0.3.js"></script><script>
$(document).ready(function() {
    $(function(){
        $('[data-toggle="tooltip"]').tooltip()})
    enable_form("form.send_feedback", before_send=function(){}, success=function(data){
        if (data.status == "ok"){
            $("#feedback").val("");
            $("form.send_feedback").slideUp(500);
        }
    });
});

</script>
  </body>
</html>
